Joomla 1.5.12 Remote Code Execution Exploit

A vulnerability exists in the TinyMCE editor, included in the tiny browser plugin, which allows uploading files without authentication. This can be exploited to upload files with multiple extensions and execute arbitrary PHP code.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Sunday, August 30, 2009 - 19:00